From 3f5bbb9f02d63cd2a12a99dc5ec6eeec0d51fe30 Mon Sep 17 00:00:00 2001 From: ShravaniVangur Date: Wed, 14 Aug 2024 17:22:59 +0530 Subject: [PATCH] util: setting RequiredDropCapabilities to ALL for rook-ceph-csi scc This commit sets the RequiredDropCapabilities of rook-ceph-csi to "ALL". Signed-off-by: ShravaniVangur --- api/deploy/ocp/scc.yaml | 2 ++ deploy/scc.yaml | 2 ++ vendor/github.com/ceph/ceph-csi/api/deploy/ocp/scc.yaml | 2 ++ 3 files changed, 6 insertions(+) diff --git a/api/deploy/ocp/scc.yaml b/api/deploy/ocp/scc.yaml index 921a651a3d8e..2fa075779714 100644 --- a/api/deploy/ocp/scc.yaml +++ b/api/deploy/ocp/scc.yaml @@ -20,6 +20,8 @@ allowHostPID: true allowHostIPC: true # Set to false as we write to RootFilesystem inside csi containers readOnlyRootFilesystem: false +requiredDropCapabilities: + - ALL runAsUser: type: RunAsAny seLinuxContext: diff --git a/deploy/scc.yaml b/deploy/scc.yaml index 592fd274816a..fbc4961a2ab4 100644 --- a/deploy/scc.yaml +++ b/deploy/scc.yaml @@ -27,6 +27,8 @@ allowHostPID: true allowHostIPC: true # Set to false as we write to RootFilesystem inside csi containers readOnlyRootFilesystem: false +requiredDropCapabilities: + - ALL runAsUser: type: RunAsAny seLinuxContext: diff --git a/vendor/github.com/ceph/ceph-csi/api/deploy/ocp/scc.yaml b/vendor/github.com/ceph/ceph-csi/api/deploy/ocp/scc.yaml index 921a651a3d8e..2fa075779714 100644 --- a/vendor/github.com/ceph/ceph-csi/api/deploy/ocp/scc.yaml +++ b/vendor/github.com/ceph/ceph-csi/api/deploy/ocp/scc.yaml @@ -20,6 +20,8 @@ allowHostPID: true allowHostIPC: true # Set to false as we write to RootFilesystem inside csi containers readOnlyRootFilesystem: false +requiredDropCapabilities: + - ALL runAsUser: type: RunAsAny seLinuxContext: